Tag: firewall

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass

Jan 2, 2026 5:52 PM

Tags: 2fa, attack, authentication, data-breach, exploit, firewall, fortinet, Internet, mfa, vulnerability

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/
48-Stunden-Angriff zeigt Risiken ungepatchter Edge-Komponenten – So führte eine ungepatchte Firewall zur kompletten Netzwerkübernahme

Jan 1, 2026 2:52 PM

Tags: cyberattack, firewall, risk

First seen on security-insider.de Jump to article: www.security-insider.de/ransomware-angriff-netzwerkuebernahme-a-2e03ed1ebe27b072563dcdb1f0b59306/
Best of 2025: NOTGreat Firewall: China Blocks the Web for 74 Min.

Dec 31, 2025 3:52 PM

Tags: access, china, firewall

HTTPS connections on port 443 received forged”¯”¯replies. Chinese web users couldn’t access websites outside the People’s Republic yesterday. The outage lasted an hour and a quarter”, with no explanation. Nobody’s sure whether it was a mistake or an ominous test of new censorship capabilities. But some are linking it to a recent outage in Pakistan.…
Why 60% of Firewalls Fail High-Severity Checks and How NSPM Fixes It

Dec 31, 2025 5:51 AM

Tags: firewall

Firewall audit failures are not edge cases anymore. They are the norm. Across industries, nearly 60% of firewalls fail at least one high-severity check during audits and internal assessments. These… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/why-60-of-firewalls-fail-high-severity-checks-and-how-nspm-fixes-it/
Aktive Angriffe auf FortiGate nutzen Schwachstellen in FortiCloud SSO – Angriff auf FortiGate-Firewalls über manipulierte SAML-SSO-Anmeldungen

Dec 29, 2025 7:55 AM

Tags: cyberattack, firewall, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/fortigate-saml-sso-angriffe-a-f214a1aa54d96ff9937c96325e43bef3/
Week in review: WatchGuard Firebox firewalls attacked, infosec enthusiasts targeted with fake PoCs

Dec 28, 2025 10:55 AM

Tags: cyber, firewall, infosec, WeeklyReview

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building cyber talent through competition, residency, and real-world … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/28/week-in-review-watchguard-firebox-firewalls-attacked-infosec-enthusiasts-targeted-with-fake-pocs/
Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

Dec 22, 2025 11:19 PM

Tags: attack, exploit, firewall, threat, vulnerability, zero-day

With attacks on the critical firewall vulnerability, WatchGuard joins a list of edge device vendors that have been targeted in recent weeks. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/threat-actors-zero-day-watchguard-firebox
WatchGuard Fixes Firewall Zero-Day Being Actively Exploited

Dec 22, 2025 5:19 PM

Tags: cve, exploit, firewall, Internet, vulnerability, zero-day

Scans Count 117,000 Unpatched Firewalls Running Vulnerable Version of Fireware OS. Attackers are actively attempting to exploit a now patched, zero-day vulnerability in WatchGuard Firebox firewalls, tracked as CVE-2025-14733, that can be used to remotely execute code. Scans show that over 115,000 of these edge devices remain internet-connected, unpatched and at risk. First seen on…
125,000 WatchGuard Firewalls Vulnerable to Remote Attacks

Dec 22, 2025 5:19 PM

Tags: attack, exploit, firewall, flaw, vulnerability, zero-day

A critical zero-day flaw is being actively exploited to remotely compromise more than 125,000 WatchGuard Firebox firewalls. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/125000-watchguard-firewalls-vulnerable-to-remote-attacks/
âš¡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More

Dec 22, 2025 2:19 PM

Tags: ai, android, apt, attack, cyber, data, exploit, firewall, leak, software, theft, threat, tool

Cyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most, firewalls, browser add-ons, and even smart TVs, turning small cracks into serious breaches.The real danger now isn’t just one major attack, but hundreds of quiet ones using the software and…
WatchGuard Firebox firewalls under attack (CVE-2025-14733)

Dec 22, 2025 1:19 PM

Tags: attack, cve, firewall, Internet, remote-code-execution, vulnerability

More than 115,000 internet-facing WatchGuard Firebox firewalls may be vulnerable to compromise via CVE-2025-14733, a remote code execution vulnerability actively targeted by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/22/watchguard-firebox-vulnerability-cve-2025-14733/
Critical RCE flaw impacts over 115,000 WatchGuard firewalls

Dec 22, 2025 10:19 AM

Tags: data-breach, exploit, firewall, flaw, rce, remote-code-execution, vulnerability

Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-115-000-watchguard-firewalls-vulnerable-to-ongoing-rce-attacks/
Critical RCE flaw impacts over 115,000 WatchGuard firewalls

Dec 22, 2025 10:19 AM

Tags: data-breach, exploit, firewall, flaw, rce, remote-code-execution, vulnerability

Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-115-000-watchguard-firewalls-vulnerable-to-ongoing-rce-attacks/
Kritische Sicherheitslücke: Laufende Attacken gefährden über 100.000 Firewalls

Dec 22, 2025 10:19 AM

Tags: bug, exploit, firewall, germany

Allein in Deutschland gibt es rund 13.000 anfällige Watchguard-Firewalls. Angreifer schleusen bereits Schadcode ein. Admins sollten zügig handeln. First seen on golem.de Jump to article: www.golem.de/news/kritische-firebox-luecke-laufende-attacken-gefaehrden-ueber-100-000-firewalls-2512-203504.html
Partnerschaft – Zyxel bindet Avast-Endpunktschutz in USG-Flex-H-Firewalls ein

Dec 22, 2025 8:18 AM

Tags: firewall, zyxel

First seen on security-insider.de Jump to article: www.security-insider.de/zyxel-bindet-avast-endpunktschutz-in-usg-flex-h-firewalls-ein-a-306b599d7f5ea3e933a222bb60f8744e/
Partnerschaft – Zyxel bindet Avast-Endpunktschutz in USG-Flex-H-Firewalls ein

Dec 22, 2025 8:18 AM

Tags: firewall, zyxel

First seen on security-insider.de Jump to article: www.security-insider.de/zyxel-bindet-avast-endpunktschutz-in-usg-flex-h-firewalls-ein-a-306b599d7f5ea3e933a222bb60f8744e/
Partnerschaft – Zyxel bindet Avast-Endpunktschutz in USG-Flex-H-Firewalls ein

Dec 22, 2025 8:18 AM

Tags: firewall, zyxel

First seen on security-insider.de Jump to article: www.security-insider.de/zyxel-bindet-avast-endpunktschutz-in-usg-flex-h-firewalls-ein-a-306b599d7f5ea3e933a222bb60f8744e/
Anubis: Open-source web AI firewall to protect from scraper bots

Dec 22, 2025 7:19 AM

Tags: ai, firewall, open-source, tool

Anubis is an open-source tool designed to protect websites from automated scraping and abusive traffic by adding computational friction before a request is served. Maintained … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/22/anubis-open-source-web-ai-firewall-protect-from-bots/
“‹”‹Marquis Data Breach Exposes Hundreds of Thousands of Bank Customers

Dec 22, 2025 5:19 AM

Tags: breach, cyberattack, data, data-breach, exploit, finance, firewall, service, unauthorized, vulnerability

New regulatory disclosures have confirmed that a cyberattack on financial services vendor Marquis exposed sensitive personal and financial information belonging to more than 400,000 bank and credit union customers across the United States. According to filings submitted to state authorities, attackers accessed Marquis systems by exploiting a known but unpatched firewall vulnerability, allowing unauthorized access……
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

Dec 19, 2025 11:19 PM

Tags: cloud, firewall, fortinet, guide, network, risk, risk-management

Large enterprises today find themselves stuck in the “messy middle” of digital transformation, managing legacy on-premise firewalls from Palo Alto, Check Point, and Fortinet while simultaneously governing fast-growing cloud environments…. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/4-pillars-of-network-risk-reduction-a-guide-to-network-security-risk-management/
‘Critical’ WatchGuard Firebox Vulnerability Exploited In Attacks

Dec 19, 2025 11:19 PM

Tags: attack, cisa, cyberattack, cybersecurity, exploit, firewall, infrastructure, vulnerability

A critical-severity vulnerability impacting customers of WatchGuard’s next-generation firewall, Firebox, has seen exploitation in cyberattacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed Friday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-critical-watchguard-firebox-vulnerability-exploited-in-attacks
‘Critical’ WatchGuard Firebox Vulnerability Exploited In Attacks

Dec 19, 2025 11:19 PM

Tags: attack, cisa, cyberattack, cybersecurity, exploit, firewall, infrastructure, vulnerability

A critical-severity vulnerability impacting customers of WatchGuard’s next-generation firewall, Firebox, has seen exploitation in cyberattacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed Friday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-critical-watchguard-firebox-vulnerability-exploited-in-attacks
‘Critical’ WatchGuard Firebox Vulnerability Exploited In Attacks

Dec 19, 2025 11:19 PM

Tags: attack, cisa, cyberattack, cybersecurity, exploit, firewall, infrastructure, vulnerability

A critical-severity vulnerability impacting customers of WatchGuard’s next-generation firewall, Firebox, has seen exploitation in cyberattacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed Friday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-critical-watchguard-firebox-vulnerability-exploited-in-attacks
WatchGuard sounds alarm as critical Firebox flaw comes under active attack

Dec 19, 2025 8:19 PM

Tags: attack, data-breach, firewall, flaw, vulnerability

Newly disclosed vulnerability already being abused, users urged to lock down exposed firewalls First seen on theregister.com Jump to article: www.theregister.com/2025/12/19/watchguard_firebox/
The WAF must die some interesting thoughts FireTail Blog

Dec 19, 2025 4:19 PM

Tags: api, attack, authentication, control, firewall, Internet, linkedin, password, software, tool, unauthorized, vpn, waf

Dec 19, 2025 – Jeremy Snyder – A recent posting by Dr. Chase Cunningham from Ericom Software on LinkedIn took an interesting view on web application firewalls, most commonly known as a WAF. WAF’s Must Die Like the Password and VPN’s Here at FireTail.io, we are also not fans of a WAF. Why? We do…
New critical WatchGuard Firebox firewall flaw exploited in attacks

Dec 19, 2025 12:19 PM

Tags: attack, exploit, firewall, flaw, remote-code-execution, update, vulnerability

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its Firebox firewalls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/watchguard-warns-of-new-rce-flaw-in-firebox-firewalls-exploited-in-attacks/
WatchGuard Zero-Day Actively Exploited to Seize Control of Firewalls

Dec 19, 2025 10:19 AM

Tags: control, cyber, exploit, firewall, flaw, vulnerability, zero-day

WatchGuard has issued an urgent warning regarding a critical zero-day vulnerability in its Firebox firewall appliances that is currently being exploited in the wild. The flaw, tracked as CVE-2025-14733, allows remote attackers to seize control of affected devices without needing any authentication. Technical Details and Impact The vulnerability is an Out-of-Bounds Write flaw located in the iked process, which handles…
Der Raspberry-Pi-Weckruf für CISOs

Dec 18, 2025 6:19 PM

Tags: access, authentication, ceo, ciso, control, cyberattack, dns, firewall, group, hacker, Hardware, infrastructure, linux, monitoring, office, risk, switch, tool, voip, vpn

Kleines Device, große Wirkung.Mitte Dezember wurde eine Fähre in Besitz der Mediterranean Shipping Company über Stunden in einem französischen Hafen festgesetzt, wie Bloomberg berichtete. Der Grund: Es bestand der Verdacht, dass russische Cyberkriminelle versucht haben, das Netzwerk des Schiffs zu hacken mit einem Raspberry Pi. Dieser war demnach mit einem Mobilfunkmodem gekoppelt, das den Fernzugriff…
Cisco confirms zero-day exploitation of Secure Email products

Dec 18, 2025 1:19 PM

Tags: business, cisco, control, email, exploit, firewall, infrastructure, risk, threat, update, zero-day

Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
Cisco confirms zero-day exploitation of Secure Email products

Dec 18, 2025 1:19 PM

Tags: business, cisco, control, email, exploit, firewall, infrastructure, risk, threat, update, zero-day

Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…